From 2748d4c889627ecfe350b6d89e879771694c3f5f Mon Sep 17 00:00:00 2001
From: Eugene Bujak <hmage@hmage.net>
Date: Tue, 19 Feb 2019 15:19:11 +0300
Subject: [PATCH] /tls/configure -- check if https port is usable before
 accepting the new config

---
 control.go | 28 ++++++++++++++++++++++++++++
 1 file changed, 28 insertions(+)

diff --git a/control.go b/control.go
index af1a6d4c..13c36d84 100644
--- a/control.go
+++ b/control.go
@@ -1047,6 +1047,20 @@ func handleTLSValidate(w http.ResponseWriter, r *http.Request) {
 		return
 	}
 
+	// check if port is available
+	// BUT: if we are already using this port, no need
+	alreadyRunning := false
+	if httpsServer.server != nil {
+		alreadyRunning = true
+	}
+	if !alreadyRunning {
+		err = checkPortAvailable(config.BindHost, data.PortHTTPS)
+		if err != nil {
+			httpError(w, http.StatusBadRequest, "port %d is not available, cannot enable HTTPS on it", data.PortHTTPS)
+			return
+		}
+	}
+
 	data = validateCertificates(data)
 	marshalTLS(w, data)
 }
@@ -1058,6 +1072,20 @@ func handleTLSConfigure(w http.ResponseWriter, r *http.Request) {
 		return
 	}
 
+	// check if port is available
+	// BUT: if we are already using this port, no need
+	alreadyRunning := false
+	if httpsServer.server != nil {
+		alreadyRunning = true
+	}
+	if !alreadyRunning {
+		err = checkPortAvailable(config.BindHost, data.PortHTTPS)
+		if err != nil {
+			httpError(w, http.StatusBadRequest, "port %d is not available, cannot enable HTTPS on it", data.PortHTTPS)
+			return
+		}
+	}
+
 	restartHTTPS := false
 	data = validateCertificates(data)
 	if data.WarningValidation == "" {